There are a number of ways to authenticate individuals. One method normally used for identifying a user is based on a secret identification code, also referred to as a PIN (Personal Identification Number). In a typical transaction involving a payment card, a user enters his PIN into a transaction terminal, which then communicates with a back end server computer. The back end server computer thereafter verifies that the PIN code is accurate. Although PINs are useful, there are some disadvantages. For example, the owner of the card must memorize the PIN and another person can commit fraud by stealing the PIN.
Another way to authenticate individuals is to use biometrics such as fingerprint readers. Although biometrics can be useful, there are disadvantages. For example, biometric devices are expensive to implement. Further, biometric data can be stolen. For example, fingerprints of individuals can be left on glasses and other objects. Such fingerprints could be replicated by others by creating fake fingerprint impressions. Like a PIN, once biometric data is stolen, it is possible for an unauthorized person to use this data to impersonate a real user.
Static signatures may also be used to authenticate a person. However, a static signature can be forged or electronically intercepted by unauthorized persons.
Embodiments of the invention address these and other problems, individually and collectively.